Add tests for scope validation in userinfo endpoint.

This commit is contained in:
juanifioren 2015-05-07 16:08:12 -03:00
parent 03634f90e9
commit e92308e421

View file

@ -75,4 +75,20 @@ class UserInfoTestCase(TestCase):
is_header_field_ok = 'invalid_token' in response['WWW-Authenticate']
except KeyError:
is_header_field_ok = False
self.assertEqual(is_header_field_ok, True)
def test_response_with_invalid_scope(self):
token = self._create_token()
token.scope = ['otherone']
token.save()
response = self._post_request(token.access_token)
self.assertEqual(response.status_code, 403)
try:
is_header_field_ok = 'insufficient_scope' in response['WWW-Authenticate']
except KeyError:
is_header_field_ok = False
self.assertEqual(is_header_field_ok, True)